Diffstat (limited to 'doc/user/application_security/configuration/index.md')
-rw-r--r-- doc/user/application_security/configuration/index.md | 23
1 files changed, 17 insertions, 6 deletions
diff --git a/doc/user/application_security/configuration/index.md b/doc/user/application_security/configuration/index.md
index 32a523a1871..5eb1b93eb76 100644
--- a/doc/user/application_security/configuration/index.md
+++ b/doc/user/application_security/configuration/index.md
@@ -2,7 +2,7 @@
type: reference, howto
stage: Secure
group: Static Analysis
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Security Configuration **(FREE)**
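Review bot: on the `info:` front-matter line, the `#assignments` fragment is carried over unchanged while the path moves from `handbook/engineering/ux/` to `handbook/product/ux/`, so please confirm the anchor still resolves at the new location. This metadata fix is also unrelated to the status-logic rewrite in the next hunk and deserves its own mention in the commit message.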
@@ -19,12 +19,23 @@ The Security Configuration page lists the following for the security testing and
- Whether or not it is available.
- A configuration button or a link to its configuration guide.
-The status of each security control is determined by the project's latest default branch
-[CI pipeline](../../../ci/pipelines/index.md).
-If a job with the expected security report artifact exists in the pipeline, the feature's status is
-_enabled_.
+To determine the status of each security control, GitLab checks for a [CI/CD pipeline](../../../ci/pipelines/index.md)
+in the most recent commit on the default branch.
-If the latest pipeline used [Auto DevOps](../../../topics/autodevops/index.md),
+If GitLab finds a CI/CD pipeline, then it inspects each job in the `.gitlab-ci.yml` file.
+
+- If a job defines an [`artifacts:reports` keyword](../../../ci/yaml/artifacts_reports.md)
+ for a security scanner, then GitLab considers the security scanner enabled and shows the **Enabled** status.
+- If no jobs define an `artifacts:reports` keyword for a security scanner, then GitLab considers
+ the security scanner disabled and shows the **Not enabled** status.
+
+If GitLab does not find a CI/CD pipeline, then it considers all security scanners disabled and shows the **Not enabled** status.
+
+Failed pipelines and jobs are included in this process. If a scanner is configured but the job fails,
+that scanner is still considered enabled. This process also determines the scanners and statuses
+returned through the [API](../../../api/graphql/reference/index.md#securityscanners).
+
+If the latest pipeline uses [Auto DevOps](../../../topics/autodevops/index.md),
all security features are configured by default.
To view a project's security configuration:
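Review bot: the added sentence "it inspects each job in the `.gitlab-ci.yml` file" is narrower than the text around it. The sentence before it refers to a CI/CD pipeline on the most recent default-branch commit, and the retained Auto DevOps paragraph says all security features are configured by default, which does not obviously depend on jobs written in that file. Suggest phrasing the check in terms of the pipeline's jobs, or stating how jobs that do not literally appear in `.gitlab-ci.yml` are treated. In the "Failed pipelines and jobs" paragraph it would also help to say outright that **Enabled** reflects configuration only and does not mean a scan completed or produced a report, because the same statuses are returned through the API and can be misread as scan coverage.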